"How can we expect to deploy #IPv6 when #IPv4 in schools still rules?" asks Maria Matějka in the Networking Protocols session at #APNIC60. "We need to flip the order".

(citation of APNIC at x)

#APNIC60 is starting in Da Nang, Vietnam 🇻🇳

We’ve published the final post in our series assessing the Asia-Pacific threat landscape through GCA’s AIDE data, all leading up to CTO Leslie Daigle's keynote at #APNIC60 on Tuesday, September 8th.

This installment examines #DarkPink, a cyber-espionage campaign targeting government, defense, and education sectors across Southeast Asia and beyond.

Using data from #AIDE—our global honeypot network—we confirmed the campaign’s late-2022 surge, heavy reliance on cloud and ISP infrastructure, and credential-driven intrusions.

The findings highlight how attackers abuse legitimate services, exploit weak credentials, and leverage global infrastructure to extend their reach.

More broadly, they reinforce the need for collective action across network operators and the security community to reduce unwanted traffic and strengthen the Internet’s foundations.

💡 Read the final blog here:

https://globalcyberalliance.org/aide-data-darkpink/

#APNIC #APAC #AsiaPacific

Dark Pink APT Campaigns Through the Lens of AIDE Telemetry - GCA | Global Cyber Alliance | Working to Eradicate Cyber Risk

We explore Dark Pink, a cluster of cyber espionage activity targeting government, defense, and education organizations in APAC.


North Korea–linked threat group #Kimsuky is expanding its cyber reconnaissance operations across the globe, leveraging offshore infrastructure and persistent #malware to target the Asia-Pacific region.

We use data from our #AIDE sensor network to uncover Kimsuky’s reliance on distinctive Internet Explorer 11 signatures, offshore hosting, and use of malware families such as BabyShark and AppleSeed. The findings give visibility into how this group blends into global infrastructure to obscure its activity and potentially prepare for future operations.

This is the second in our series of posts by Meghal Donde Pradhan leading up to #APNIC60, highlighting regionally meaningful cyber threats and setting the stage for Leslie Daigle’s keynote on Tuesday, 9 September.

Read the full article to dive into the details and see why strengthening infrastructure security is more urgent than ever.

https://globalcyberalliance.org/aide-data-kimsuky/

Tracking Kimsuky: North Korean Espionage Operations in GCA's AIDE - GCA | Global Cyber Alliance | Working to Eradicate Cyber Risk

To evaluate Kimsuky’s activity over a two-year window, we examined Asia-Pacific cyber activity patterns through GCA’s AIDE platform.


In the lead-up to #APNIC60, where Chief Technical Officer Leslie Daigle will give a keynote address, we’re publishing a series of articles that address regionally meaningful threats beyond the well-documented Chinese-origin attacks. Each case offers a different lens on the threat landscape—ranging from geopolitical motivations to financial disruption and targeted espionage. Our goal is to provide context, elevate regional perspectives, and set the stage for deeper discussion during the keynote.

This is the first in that series, covering #APT36, a believed Pakistani state-aligned group that systematically exploits Internet service provider networks to launch cyber operations against Indian targets.

Between April and August 2025, AIDE captured 116,374 incidents on Indian sensors across 75 Autonomous System Numbers (ASNs) based in Pakistan.

The findings show how APT36 abused ISP infrastructure, deployed multi-architecture malware, and exploited routing security gaps at scale.

Read all about what we found, and stay tuned for the next installment.

https://globalcyberalliance.org/aide-data-apt36/

#threatintelligence #threatintel #cybersecurity #AIDE #research #malware #routingsecurity

AIDE Data on APT36: Regional Infrastructure Risks and Security Gaps - GCA | Global Cyber Alliance | Working to Eradicate Cyber Risk

Exploring APT36 (Transparent Tribe), a believed Pakistani state-aligned group launching cyber operations against Indian targets.
